Language Selection

English French German Italian Portuguese Spanish

Debian

Debian vs. Ubuntu: Best Linux Distro for Laptops, Desktops, and Servers

Filed under
Debian
Ubuntu

There is a seemingly endless list of distributions to choose from if you’re interested in Linux. That said, one of the most popular distributions is Ubuntu. If you’ve heard of Linux, chances are you’ve heard of Ubuntu.

You may have heard that Ubuntu is based on another distribution, Debian. Which one should you choose? Is it a matter of preference, or is easy distribution better suited to different use cases?

Read more

Tails 3.14.1 is out

Filed under
GNU
Linux
Security
Web
Debian

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Read more

Also: It's Time to Switch to a Privacy Browser

MX GNU/Linux, A Desktop Mix of Mepis and Antix without Systemd

Filed under
GNU
Linux
Debian

MX is an interesting desktop GNU/Linux based on Debian but without Systemd. It's powered with simple and user friendly interface thanks to XFCE Desktop. It's actually very lightweight, shipped with a lot of MX own tools (including remastering and tweaking ones), available in 32-bit and 64-bit architectures. The latest version, MX-18 "Continuum", equipped with ability to search and install Flatpak applications. Last but not least, MX exists as collaboration between two big communities, Mepis and antiX, hence the name MX since 2008 up to today. I hope you enjoy my overview below introducing several good points of MX.

Read more

Funding for GNU and Debian

Filed under
GNU
Debian
  • Paying (some) Debian developers

    In an offshoot of the Debian discussion we looked at last week, the Debian project has been discussing the idea of paying developers to work on the distribution. There is some history behind the idea, going back to the controversial Dunc-Tank initiative in 2006, but some think attitudes toward funding developers may have changed—or that a new approach might be better accepted. While it is playing out with regard to Debian right now, it is a topic that other projects have struggled with along the way—and surely will again.

    The discussion on the debian-devel mailing list about possibly recommending dh for building packages that we covered headed into a bit of a tangent on "difficult packaging practices" that might be preventing new people from contributing. From there, Andreas Tille brought up the longstanding idea of creating some kind of Debian equivalent to the Ubuntu personal package archives (PPAs). Raphaël Hertzog suggested that it might be worth using some of the money in the Debian bank account to fund the development of such a feature.

  • Double the movement: Inspire someone to explore free software

    Thank you for being part of our exceptionally generous community. Your interest in our mission is what got us where we are, in position to succeed if we keep at it. While it's incredible to have hundreds of thousands of subscribers around the world, we need to connect with millions if we're to realize a world free of proprietary software. This spring, we have set ourselves goals to reach 200 new members and 400 donations before July 15th, and to achieve them, we need your help. Please take this moment to publicly share your passion for free software. If each free software supporter inspires just one other, we can double our strength.

    We tasked free software designer Raghavendra Kamath with creating some inspiring visual images to help us spread our message further. You can find these banners and profile images, including their embed codes, here. Sharing these images online might inspire someone to explore free software, and may give reasons for you to educate your friends and family about why free software matters. Use the hashtag #ISupportFreeSoftware when you share the images online or on your social media.

Debian: Cross-Version Benchmarks, Debian LTS and HubLinked Meeting in Dublin

Filed under
Debian
  • A Quick Look At The Debian 10.0 Buster vs. Debian 9.9 Performance

    With Debian 10 "Buster" due to be releasing in early July, I've begun testing the near-final Buster images on various systems. Here is a look at a common Intel Core i7 system comparing the current performance of Debian 10.0 to the current stable 9.9 release.

    On the Core i7 8700K system, Debian 9.9 vs. 10.0 were benchmarked with the same hardware under test and each Debian release being cleanly installed and kept to its default settings.

  • Freexian’s report about Debian Long Term Support, May 2019

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

  • Virtual Labs presentation at the HubLinked meeting in Dublin

    We have participated to the HubLinked workshop in Dublin this week, where I delivered a presentation on some of our efforts on Virtual Labs, in the hope that this could be useful to the partners designing the “Global Labs” where students will experiment together for Software Engineering projects.

Debian GNU/Linux riscv64 port in mid 2019

Filed under
Debian

As it can be seen in the first graph, perhaps with some difficulty, is that the percent of arch-dependent packages built for riscv64 (grey line) has been around or higher than 80% since mid 2018, just a few months after the port was added to the infrastructure.

Given than the arch-dependent packages are about half of the Debian['s main, unstable] archive and that (in simple terms) arch-independent packages can be used by all ports (provided that the software that they rely on is present, e.g. a programming language interpreter), this means that around 90% of packages of the whole archive has been available for this architecture from early on.

Read more

Move to pay Debian devs for project work rears its head again

Filed under
GNU
Linux
Debian

The idea of paying developers to work on Debian GNU/Linux packages has reared its head again, with senior developer Raphael Hertzog proposing that project funds be used for the purpose.

Hertzog made the suggestion in a reply to a post on one of the project's mailing lists which was part of a thread on the subject "Why do we take so long to realise good ideas?"

"Use the $300,000 on our bank accounts?", he wrote, adding that he had heard of another US$300,000 donation made by Google to the project though he was unable to find any publicly accessible reference to it.

The idea of paying developers for their work on what is a community project was raised 13 years ago by former project leader Anthony Towns, with the reason being the speeding up of development so that releases could take place sooner. The idea did not prove very popular as it was meant to be run outside the project proper and was meant to pay core members for their work.

Read more

Debian: Outreachy, Patches and LTS Work by Raphaël Hertzog

Filed under
Debian

Bits from Debian: 100 Paper cuts kick-off

Filed under
Debian

Is there a thorny bug in Debian that ruins your user experience? Something just annoying enough to bother you but not serious enough to constitute an RC bug? Are grey panels and slightly broken icon themes making you depressed?

Then join the 100 papercuts project! A project to identify and fix the 100 most annoying bugs in Debian over the next stable release cycle. That also includes figuring out how to identify and categorize those bugs and make sure that they are actually fixable in Debian (or ideally upstream).

The idea of a papercuts project isn't new, Ubuntu did this some years ago which added a good amount of polish to the system.

Read more

Seeking consensus on dh

Filed under
Debian

Debian takes an almost completely "hands off" approach to the decisions that Debian developers (DDs) can make in regard to the packaging and maintenance of their packages. That leads to maximal freedom for DDs, but impacts the project in other ways, some of which may be less than entirely desirable. New Debian project leader (DPL) Sam Hartman started a conversation about potential changes to the Debian packaging requirements back in mid-May. In something of a departure from the Debian tradition of nearly endless discussion without reaching a conclusion (and, possibly, punting the decision to the technical committee or a vote in a general resolution), Hartman has instead tried to guide the discussion toward reaching some kind of rough consensus.

The question revolves around an adjunct to the debhelper tool that is used to build many Debian packages. The additional tool is a "command sequencer" for debhelper commands; it is called dh. Debhelper has commands that get invoked from the rules file that is used to build a .deb from the source code and other files that are part of a Debian package. By default, dh steps through a sequence of debhelper commands that should suffice to build many types of packages; if some of the steps need overrides or changes, that can be handled as well. In effect, dh encapsulates the standard way to build a Debian package using debhelper.

But not all packages use dh, so Hartman asked whether the distribution wanted to require, or at least recommend, the use of dh. In that posting to debian-devel, he noted that some have said that a package not using dh has a "package smell", which is an indication that the maintainers should consider fixing it. His question might ultimately boil down to "whether maintainers should be expected to apply well-written patches to convert a package to using dh".

Read more

Syndicate content

More in Tux Machines

Android Leftovers

One Mix Yoga 3 mini laptop demostrated running Ubuntu

If you are in interested in seeing how the Ubuntu Linux operating system runs on the new One Mix Yoga 3 mini laptop. You are sure to be interested in the new video created by Brad Linder over at Liliputing. “ I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.” The creators of the One Mix Yoga 3 have made it fairly easy to boot an alternative operating system simply by plugging in a bootable flash drive or USB storage device. As the mini laptop is powering up simply hit the delete key and you will be presented by the BIOS/UEFI menu. Simply change the boot priority order so that the computer will boot from a USB device and you are in business. Read more

Security: Curl, Fedora, Windows and More

  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443. If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader. GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions. The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions. The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them. What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer. What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.” What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload. There are concerns the flaw may affect non-Dell PCs, as well. The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool. The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do its job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here). You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, Researchers at Netflix have identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process. DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity. Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window. Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT. Read more Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate